Detect Bad Debian OpenSSL Certificates Using Firefox

Much has been written about the Debian OpenSSL blunder that was recently exposed. Essentially, Debian OpenSSL in any Debian distribution of Linux has been generating predictable private keys for the past two years. This makes it trivial to hack the connection and make the SSL certificate useless. It makes for some funny xkcd comics but the problem is a serious one. Distributions of Debian OpenSSL are used by thousands.

So you regenerated all your keys and reissued the certificates. Problem solved, right? Maybe for people using your sites, but how do you know that the web sites that you personally visit aren't using a vulnerable certificate? Do you want to give your credit card information to a site that might have a bad private key? Of course, you don't.

Márton Anka comes to the rescue by creating a Firefox plug-in that can detect if the site you are visiting is using a vulnerable SSL Certificate.

So I decided to put together a Firefox extension that can detect bad certificates for me. It only took a few hours after the release of SSL Blacklist for a user to find a website with a bad keypair:

Date Found    Date Fixed    Site    Archived Certificate
May 28, 2008    Not fixed yet    https://www.clickpass.com    .p7b
May 29, 2008    Not fixed yet    https://www.netbank.hu    .p7b

If you use SSL Blacklist and you're alerted of a site with a bad certificate, use the "Report" button on the warning dialog so it can be included in the above list.

Here's what the extension looks like when it detects a problem:


SSL Blacklist in action
(click to enlarge)

The Ubuntu folks have published an openssl-blacklist package that contains fingerprints for 393,216 known bad keys. My SSL Blacklist extension incorporates the openssl-blacklist databases, and will warn you when you're accessing a site that is not secure. This should go a long way towards giving you some peace of mind.

To grab the extension (signed code with a signed updater mechanism), just click the link to the XPI in the right column. IE users are out of luck for now: it's possible to do this for IE as well, but at this stage, I really don't feel like messing with the complex and poorly-documented URLMON interfaces.

This is a great help if you are using Firefox. If you are using Internet Explorer, you are out of luck. Does that make Firefox an even more secure browser than IE? Again? Be sure to check out Márton Debian OpenSSL Firefox extension.

SSL Blacklist 1.1 - [CodeFromThe70s.org]

Originally posted on Sun Jun 1, 2008